» f4285aze.exe
Overview
Analysis
File Details
Downloads (23)

f4285aze.exe

Flash Format

CNetX srl

This is a self-extracting archive and installer. The file has been seen being downloaded from lb.cdn.m6web.fr and multiple other hosts.

File name:

f4285aze.exe

Publisher:

CNetX (signed by CNetX srl)

Product:

Flash Format

Description:

Flash Format Setup Wizard

Version:

2,85,0,205

MD5:

34575623dac1beedf06609d7d9384c1d

SHA-1:

24019118b586187b30f816c76d2d8cd135ca2911

SHA-256:

e6b77df65352bc9d409d0da3869c074dc5a9965062ff667f422b400481ee0114

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

7/9/2025 6:03:40 AM UTC (today)

File size:

829.5 KB (849,368 bytes)

Product version:

2,85,0,205

Original file name:

thinPack.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\f4285aze.exe

Digital Signature

Signed by:

CNetX srl

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

5/31/2007 4:00:00 AM

Valid to:

7/7/2009 3:59:59 AM

Subject:

CN=CNetX srl, OU=PRODUCT DEVELOPMENT, O=CNetX srl, L=Bologna, S=Bologna, C=IT

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

5015685FC7D5E0E0F3E0B8B40E3FDD80

File PE Metadata

Compilation timestamp:

12/9/2008 12:35:28 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

12288:47eDuUlMCQquW3lr7NC1WOX4Qf3qsmHi3LJdbxxzv9/ehZs+nPekXEzjbyLVqwz3:mLCrBpdG6smHibJdNxQnPvQbJ2kg

Entry address:

0x2AF0

Entry point:

83, EC, 44, 56, FF, 15, 70, 30, 40, 00, 8B, F0, 8A, 06, 3C, 22, 75, 14, 8A, 46, 01, 46, 84, C0, 74, 04, 3C, 22, 75, F4, 80, 3E, 22, 75, 0F, 46, EB, 0C, 3C, 20, 7E, 08, 8A, 46, 01, 46, 3C, 20, 7F, F8, 8A, 06, 84, C0, 74, 0C, 3C, 20, 7F, 08, 8A, 46, 01, 46, 84, C0, 75, F4, 8D, 44, 24, 04, C7, 44, 24, 30, 00, 00, 00, 00, 50, FF, 15, 64, 30, 40, 00, F6, 44, 24, 30, 01, 74, 0B, 8B, 44, 24, 34, 25, FF, FF, 00, 00, EB, 05, B8, 0A, 00, 00, 00, 50, 56, 6A, 00, 6A, 00, FF, 15, 68, 30, 40, 00, 50, E8, 0E, F6, FF, FF... 
[+]

Code size:

8 KB (8,192 bytes)

The file f4285aze.exe has been seen being distributed by the following 23 URLs.

http://lb.cdn.m6web.fr/d/c/a/282ffb635fb6e2e4a1a46b2cfe0aa540/58923953/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://lb.cdn.m6web.fr/d/c/a/4110731b585825bce0b3e18e7c1d9fe1/5817baf1/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://lb.cdn.m6web.fr/d/c/a/95f4dcf7257ebcb324160d191039510a/56c20e31/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://gsf-cf.softonic.com/240/191/.../file?SD_used=0&channel=WEB&fdh=no&id_file=17140&instance=softonic_en&type=PROGRAM&Expires=1477616748&Signature=ToEb5LidFcbLiumjEmxJuUd3JLRKIEd9aqGiVgH7WpTpLTJpssPpfRNQnZzPJ~ihxQjk90fkfV0VGmwQ5W2zTGLrovIthxBNi3OwbM49js6m~7wbF2khJAtZcCOVr6Pv2JKA9q9zwPRE6nDpDfXrE7nG0jCRcknN37OmOGFwsEs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=F4285AZE.EXE

http://lb.cdn.m6web.fr/d/c/a/de1783b6d683a2335d6d51ca09ce86c5/583d8e4e/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://lb.cdn.m6web.fr/d/c/a/514f29d5f4bc278ab6e3f2df3dc6938a/582a6343/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://lb.cdn.m6web.fr/d/c/a/a13c59a027c50acf1e19c45aeeccfdec/5816482b/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://lb.cdn.m6web.fr/d/c/a/aeeb08eaf4d8a3a19c6ad35bcd303e3a/579b75de/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://gsf-cf.softonic.com/240/191/.../file?SD_used=0&channel=WEB&fdh=no&id_file=17140&instance=softonic_en&type=PROGRAM&Expires=1466501577&Signature=diJbZvYDFhm3dvR6~~WTQKIghzZJ9IRaw20Um2IbHLTkJvMTUkgpRwCBXLd2mvGGFjdzpnKT1uQEYSkx36pwEkY-6MWGN~L7AoLnM06wWWvsI0bFAQR78tYvRKnGS7KrKwoqRu6hsEV5wgWC-yQbowLR9odkQxer8gqevNS4fk4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=F4285AZE.EXE

http://lb.cdn.m6web.fr/d/c/a/57c01167c4d4d2fcf87067e9ce204519/5782ce0c/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://lb.cdn.m6web.fr/d/c/a/d6800ffe6ed7d9b16218d0608ffbf8b9/56e2c5eb/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://lb.cdn.m6web.fr/d/c/a/a9746d33c3c384d47ccc4878d93e2442/571790db/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://lb.cdn.m6web.fr/d/c/a/4cc236453cfa02eb9cd519eed180d992/57540b85/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://lb.cdn.m6web.fr/d/c/a/064ce133be6e8b9f9408a054f50441cc/5747676d/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://gsf-cf.softonic.com/240/191/.../file?SD_used=0&channel=WEB&fdh=no&id_file=17140&instance=softonic_en&type=PROGRAM&Expires=1450387078&Signature=gkPp-T4Z~HJFIQ5tPppwYJSg5VsrjCx13gwDc0QTDZ3ADXO4mz~OdegDEpu5IrzCA~Z~hhRuT58v61RpRinR0rE8fzKv6nPBUj8m8zMClVAiQWSpe2qGzin993PtRyT2h99IwJ2dHCKJNQIlhWs6U~2uI0-Pkl1l4454Eczk3UA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=F4285AZE.EXE

http://gsf-cf.softonic.com/240/191/.../file?SD_used=0&channel=WEB&fdh=no&id_file=17140&instance=softonic_en&type=PROGRAM&Expires=1455848700&Signature=JfTRJWR1VsuOf7hGqJpBfwvtuM36AoUL-rcsIXXsS1bY6wNLWxAIpXus0H~EgTWr-WmEH7LeinXmPlIKcXT~kg-8jdEHZlG58DHyWTi4qEsGiCFX7nkP4SKmntJAIWlPsgGlMwT-eDBJqMVjVPAWaPMQVnl5jnCCWN2W5uWBI-Y_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=F4285AZE.EXE

http://www.softportal.com/getsoft-7791-flash-format-1.html

http://www.cnetx.com/format/.../F4285AZE.EXE

http://gsf-cf.softonic.com/240/191/.../file?SD_used=0&channel=WEB&fdh=no&id_file=17140&instance=softonic_en&type=PROGRAM&Expires=1454198090&Signature=RJXNhOGza9V4qkmTzKG~pbobKsUAPkdeFwwFSVz3n44zhYqqj86b1MUYh-zk15logXNJmoUFcW16bcwq8XJ~IjkJ3rnuEfrU6AGfNHOYtn-UjgQp5f48A26uyzIHVMwId66L2TvZTaToh7Oxuqfkem4ujut9Blrvyuf-MY6PM8c_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=F4285AZE.EXE

http://lb.cdn.m6web.fr/d/c/a/9b4779efa5f3d1b5b596611caf48b1b7/547542af/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://d210.cdn.m6web.fr/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://lb.cdn.m6web.fr/d/c/a/37f7dde0e3d7fd7cec557aa45d7c2f1b/53b80bf3/soft/.../flash-format_flash_format_2.85_anglais_11371.EXE

http://cnetx.com/format/.../F4285AZE.EXE

Scan f4285aze.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.